SimpleMembership，MVC4，AuthorizeAttribute和角色 [英] SimpleMembership, MVC4, AuthorizeAttribute and Roles

问题描述

我想补充授权属性，我的一些MVC4控制器，他们罚款，只要它是一个计划工作 [授权] 或 [授权（用户=为myuser）] ，但第二次我在任何类型的过滤作用，它的加入分崩离析，例如。 [授权（角色=管理员）] 。然后，我开始收到这样的错误：

I’m trying to add authorize attributes to some of my MVC4 controllers, and they work fine as long as it’s a plan [Authorize] or [Authorize(Users="myuser")], but the second I add in any sort of role filtering it falls apart, eg. [Authorize(Roles="admin")]. I then start getting errors like:

中的服务器错误'/'应用。

Server Error in '/' Application.

发生-特定实例的网络相关的或错误而
  与SQL Server建立连接。服务器没有被发现或
  无法访问。验证实例名称是否正确，以及
  SQL Server配置为允许远程连接。 （提供者：SQL
  网络接口，错误：26 - 错误定位服务器/实例
  指定）

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)

说明：在执行过程中发生未处理的异常
  当前Web请求。有关详情，请堆栈跟踪
  有关错误的信息以及它起源于code。

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

SQLEx preSS数据库文件自动创建错误：

SQLExpress database file auto-creation error:

连接字符串指定本地SQL Server防爆preSS实例
  使用应用程序的App_Data目录中的数据库位置。
  该供应商试图自动创建应用程序
  服务数据库，因为供应商确定数据库
  不存在。下面的配置要求是必要的
  成功检查的应用服务存在
  数据库，并自动创建应用程序服务数据库：

The connection string specifies a local Sql Server Express instance using a database location within the application's App_Data directory. The provider attempted to automatically create the application services database because the provider determined that the database does not exist. The following configuration requirements are necessary to successfully check for existence of the application services database and automatically create the application services database:

如果该应用程序是Windows 7或Windows Server上运行
  2008R2，特殊配置必要的步骤，启用自动
  建立供应商数据库。更多信息，请
  在<一个href=\"http://go.microsoft.com/fwlink/?LinkId=160102\">http://go.microsoft.com/fwlink/?LinkId=160102.如果
  应用程序的App_Data目录不存在，网页
  服务器帐户必须具有读取和写入访问应用程序的
  目录。这是必要的，因为Web服务器帐户将会
  如果它不已经自动创建App_Data目录
  存在。如果应用程序的App_Data目录已存在，则Web
  服务器帐户只需要读取和写入访问
  应用程序的App_Data目录。这是必要的，因为在网络
  服务器帐户将尝试验证Sql Server的防爆preSS
  数据库已经在应用程序的App_Data目录中存在。
  撤消读了App_Data目录访问向Web服务器
  帐户将prevent提供者正确地确定了
  SQL Server的防爆preSS数据库已经存在。这会导致错误
  当供应商试图创建已经一个副本
  现有的数据库。写访问权限是必需的，因为Web服务器
  创建新数据库时，帐户的凭证。 SQL
  服务器前preSS必须安装在机器上。进程标识
  为Web服务器帐户必须具有本地用户配置文件。查看
  关于如何创建一个本地用户配置文件的详细信息自述文件
  无论计算机和域帐户。

If the application is running on either Windows 7 or Windows Server 2008R2, special configuration steps are necessary to enable automatic creation of the provider database. Additional information is available at: http://go.microsoft.com/fwlink/?LinkId=160102. If the application's App_Data directory does not already exist, the web server account must have read and write access to the application's directory. This is necessary because the web server account will automatically create the App_Data directory if it does not already exist. If the application's App_Data directory already exists, the web server account only requires read and write access to the application's App_Data directory. This is necessary because the web server account will attempt to verify that the Sql Server Express database already exists within the application's App_Data directory. Revoking read access on the App_Data directory from the web server account will prevent the provider from correctly determining if the Sql Server Express database already exists. This will cause an error when the provider attempts to create a duplicate of an already existing database. Write access is required because the web server account's credentials are used when creating the new database. Sql Server Express must be installed on the machine. The process identity for the web server account must have a local user profile. See the readme document for details on how to create a local user profile for both machine and domain accounts.

源错误：

的执行过程中生成了未处理的异常
  当前Web请求。有关的起源和位置信息
  除了可以使用异常堆栈跟踪下面来识别。

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

堆栈跟踪：

[SQLEXCEPTION（0x80131904）：具体实例与网络有关的或
  而与SQL Server建立连接时出现错误。该
  服务器未找到或无法访问。验证实例
  名称正确，并且该SQL服务器被配置为允许远程
  连接。 （提供者：SQL网络接口，错误：26 - 错误
  定位指定的服务器/实例）]结果
  System.Data.SqlClient.SqlInternalConnection.OnError（SQLEXCEPTION
  例外，布尔breakConnection，行动 1 wrapCloseInAction）
  5295167 System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning（TdsParserStateObject
  stateObj，布尔callerHasConnectionLock，布尔asyncClose）+242结果
  System.Data.SqlClient.TdsParser.Connect（ServerInfo serverInfo，
  SqlInternalConnectionTds connHandler，布尔ignoreSniOpenTimeout，
  Int64的timerExpire，布尔加密，布尔trustServerCert，布尔
  integratedSecurity布尔withFailover）5307115结果
  System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin（ServerInfo
  serverInfo，字符串NEWPASSWORD，SecureString的newSecurePassword，
  布尔ignoreSniOpenTimeout，TimeoutTimer超时，布尔
  withFailover）+145结果
  System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover（ServerInfo
  serverInfo，字符串NEWPASSWORD，SecureString的newSecurePassword，
  布尔redirectedUserInstance，SqlConnectionString connectionOptions，
  SqlCredential凭证，TimeoutTimer超时）920结果
  System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist（TimeoutTimer
  超时，SqlConnectionString connectionOptions，SqlCredential
  凭据，字符串NEWPASSWORD，SecureString的newSecurePassword，
  布尔redirectedUserInstance）307结果
  System.Data.SqlClient.SqlInternalConnectionTds..ctor（DbConnectionPoolIdentity
  身份，SqlConnectionString connectionOptions，SqlCredential
  凭据，对象providerInfo，字符串NEWPASSWORD，SecureString的
  newSecurePassword，布尔redirectedUserInstance，SqlConnectionString
  userConnectionOptions）434结果
  System.Data.SqlClient.SqlConnectionFactory.CreateConnection（DbConnectionOptions
  选项​​，DbConnectionPoolKey poolKey，对象poolGroupProviderInfo，
  池类DBConnectionPool，的DbConnection owningConnection，
  DbConnectionOptions USEROPTIONS）5309659结果
  System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection（的DbConnection
  owningConnection，DbConnectionPoolGroup poolGroup，DbConnectionOptions
  USEROPTIONS）+38结果
  System.Data.ProviderBase.DbConnectionFactory.TryGetConnection（的DbConnection
  owningConnection，TaskCompletionSource 1重试，DbConnectionOptions
  USEROPTIONS，DbConnectionInternal＆安培;连接）5311874结果
  System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection（的DbConnection
  outerConnection，DbConnectionFactory connectionFactory的，
  TaskCompletionSource 1重试，DbConnectionOptions USEROPTIONS）+143结果
  System.Data.SqlClient.SqlConnection.TryOpen（TaskCompletionSource 1
  重试）+83 System.Data.SqlClient.SqlConnection.Open（）+96结果
  System.Web.Management.SqlServices.GetSqlConnection（字符串服务器，
  用户字符串，字符串密码，布尔信赖，串
  的connectionString）+76

[SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)]
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action1 wrapCloseInAction) +5295167 System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) +242
System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, Boolean withFailover) +5307115
System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) +145
System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) +920
System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) +307
System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions) +434
System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) +5309659
System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions) +38
System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection) +5311874
System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) +143
System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource1 retry) +83 System.Data.SqlClient.SqlConnection.Open() +96
System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) +76

[HttpException（0x80004005的）：无法连接到SQL Server
  数据库]结果
  System.Web.Management.SqlServices.GetSqlConnection（字符串服务器，
  用户字符串，字符串密码，布尔信赖，串
  的connectionString）+131结果
  System.Web.Management.SqlServices.SetupApplicationServices（字符串
  服务器，用户字符串，字符串密码，布尔信赖，字符串
  ConnectionString，则数据库字符串，字符串dbFileName，SqlFeatures
  功能，布尔安装）+89结果
  System.Web.Management.SqlServices.Install（数据库字符串，字符串
  dbFileName，字符串的connectionString）+27结果
  System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile（字符串
  fullFileName，DATADIR字符串，字符串的connectionString）+386

[HttpException (0x80004005): Unable to connect to SQL Server database.]
System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) +131
System.Web.Management.SqlServices.SetupApplicationServices(String server, String user, String password, Boolean trusted, String connectionString, String database, String dbFileName, SqlFeatures features, Boolean install) +89
System.Web.Management.SqlServices.Install(String database, String dbFileName, String connectionString) +27
System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString) +386

版本信息：Microsoft .NET Framework版本：4.0.30319;
  ASP.NET版本：4.0.30319.17929

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.17929

我真的不知道是怎么回事。再次，如果我删除授权属性的作用位，然后正常工作（只要停止未经授权的用户至少），但它没有好，如果我必须努力code中的管理员用户到应用程序！

I’m really not sure what’s going on here. Again, if I remove the roles bit of the authorize attribute, then it works fine (as far as stopping unauthorized users at least) but it’s no good if I have to hard code the admin users into the app!

任何想法，这里发生了什么，以及如何使其正常工作？

Any idea what’s happening here, and how I can make it work properly?

谢谢，

推荐答案

我已经找到了解决方案（虽然我敢肯定有这样做的更好的方法）。首先，通过SimpleMembership使用的数据库未初始化足够早，让我感动的行：

I’ve found the solution (although I’m sure there’s a better way of doing it). Firstly, the database used by SimpleMembership isn’t initialized early enough, so I moved the line:

WebSecurity.InitializeDatabaseConnection("DefaultConnection", "UserProfile", "UserId", "UserName", autoCreateTables: true);

要Global.asax文件，并确保它得到了尽可能早地运行。 code的线可在过滤器中找到 - > InitializeSimpleMembershipAttribute.cs，围绕41行

to the Global.asax file and made sure it got run as early as possible. The line of code can be found in Filters -> InitializeSimpleMembershipAttribute.cs , around line 41

编辑：看来这下一位是没有必要的......

其次， [InitializeSimpleMembership] 属性需要被添加到任何类，其中的成员可能是一个问题，对我来说这就是所有的人，所以我加了一行：

Secondly, the [InitializeSimpleMembership] attribute needs to be added to any class where membership might be an issue—for me that’s all of them, so I added the line:

filters.Add(new InitializeSimpleMembershipAttribute());

到FilterConfig.cs文件中app_start文件夹中。

to the FilterConfig.cs file in the app_start folder.

这两个简单的变化似乎已经固定它。我敢肯定，也有一些改进，我可以作出的SimpleMembership东西一般运作纳入MVC4不过，这似乎并不写得很好（硬codeD连接字符串等），所以它可能是这些问题可以通过使SimpleMembership东西写得不好摆在首位是固定的！

These two simple changes seem to have fixed it. I’m sure there are some improvements I could make to the general workings of the SimpleMembership stuff included in MVC4 though—it doesn’t seem very well written (hard coded connection strings etc!), so it could be that these issues can be fixed by making the SimpleMembership stuff well written in the first place!

这篇关于SimpleMembership，MVC4，AuthorizeAttribute和角色的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！